blob: 7d68e85c7f08ce02807a9afdfcd9493525400e03 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
|
{
config,
pkgs,
...
}: {
imports = [
./hardware-configuration.nix
../common/global
../common/optional/wireless.nix
];
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "work";
# Slows down write operations considerably
nix.settings.auto-optimise-store = false;
programs.nix-ld.enable = true;
programs.nix-ld.libraries = with pkgs; [
# Add any missing dynamic libraries for unpackaged programs
# here, NOT in environment.systemPackages
];
services = {
logind.extraConfig = ''
HandleLidSwitchExternalPower=ignore
'';
tmate-ssh-server.enable = true;
xserver = {
enable = true;
displayManager.startx.enable = true;
windowManager.awesome = {
enable = true;
luaModules = with pkgs.luaPackages; [
luarocks # is the package manager for Lua modules
luadbi-mysql # Database abstraction layer
];
};
};
};
virtualisation = {
docker = {
enable = true;
daemon.settings = {
userland-proxy = false;
experimental = true;
metrics-addr = "0.0.0.0:9323";
ipv6 = true;
fixed-cidr-v6 = "fd00::/80";
};
# rootless = {
# enable = true;
# setSocketVariable = true;
# };
storageDriver = "btrfs";
};
libvirtd = {
enable = true;
qemu = {
package = pkgs.qemu_kvm;
runAsRoot = true;
swtpm.enable = true;
ovmf = {
enable = true;
packages = [
(pkgs.OVMF.override {
secureBoot = true;
tpmSupport = true;
})
.fd
];
};
};
};
};
users.users.sadbeast = {
hashedPasswordFile = config.sops.secrets.sadbeast-password.path;
extraGroups = ["docker" "libvirtd"];
subUidRanges = [
{
startUid = 100000;
count = 65536;
}
];
subGidRanges = [
{
startGid = 100000;
count = 65536;
}
];
};
environment = {
systemPackages = [
(pkgs.writeShellScriptBin "qemu-system-x86_64-uefi" ''
qemu-system-x86_64 \
-bios ${pkgs.OVMF.fd}/FV/OVMF.fd \
"$@"
'')
pkgs.qemu
];
};
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
system.stateVersion = "24.11";
}
|
